Network Security

The growing dominance of ethernet for industrial networks provides opportunities, but also risks. This is due to the potential for connectivity to not only the entire plant LAN, but WAN and internet. This was never an issue with Modbus or DH+ for example!

There are a number of threats and issues to consider:

Viruses

Propagation of broadcast storms

Unauthorised access to network devices

Contagion due to the need for connectivity

Exposure to the internet

Nonetheless, there is no point having a powerful network like ethernet and not exploiting it fully.
The answer is in properly designing, securing and managing the network, and this inevitably involves the use of a network gateway or firewall in one or a number of places to control the traffic that passes through.

The Hirschmann EAGLE20 is an example of a product that provides a wide range of network security functions. The three most common are:

'Safe Service Port' - various techniques to ensure the visiting service engineer
can only access authorised equipment, and that he doesn't introduce a
virus to the network.

Plant <=> Corporate Network Interface - they think we engineers are a risk to them, and we think they are a risk to us, but we still need to talk! Two EAGLE20s connected back to back create a DMZ (demilitarised zone), a safe haven for shared data that offers both parties the necessary protection and functionality.

LAN Inter-Connection - Sometimes a plant will have deliberately kept different manufacturing cells on separate networks to prevent contagion. There comes a time when these networks need to be bridged, without compromising that separation that has served it purpose well. On top of traffic filtering firewall rules, the EAGLE20 provides Layer 3 Routing capability to join two IP networks together. This is considerably simpler than reassigning new addresses to every device and message instruction!

Hirschmann EAGLE20 Key Security Functions

Customisable Firewall for filtering based on MAC/IP Address, TCP/UDP Port and Transport Protocols

Would you like more information?
Call us now on 1300 INT AUT (1300 468 288), or send an enquiry. Note:This form is intended for customers only, not product or service providers, such offers should be made by phone or mail addressed to The Office Manager. Unsolicited offers, resumes and spam received through this form will be forwarded to Mailguard for blacklisting.